<?php
session_start();

if(strtolower($_POST['yzm']) != strtolower($_SESSION['yzm'])){
	echo '<script>alert("验证码错误");window.location.href= </script>';
}




$uname    = $_POST['zhanghao'];
$pwd = $_POST['pwd'];

@mysql_connect('localhost', 'root', 'root');

mysql_errno();

mysql_select_db('blog');

mysql_set_charset('utf8');

$sql = "select * from user where zhanghao ='$uname' and pwd ='$pwd'";
$res = mysql_query($sql);
$arr = mysql_fetch_assoc($res);

if($res){
	echo '<script>alert("登陆成功");;window.location.href="index.php"</script>"';
	$_SESSION['uname']= $arr['nicheng'];
	$_SESSION['zt']= $arr['zhuangtai'];
	$_SESSION['islogin']= 1;
}else{
	echo '<script>alert("登陆失败");window.location.href="denglu.php"</script>';

}